Kernel: LWN Coverage (No Longer Paywalled) and Initial HDMI 2.0 Support With Nouveau Slated For The Next Linux Kernel

Back in the halcyon days of the previous century, those with a technical inclination often became overly acquainted with modems—not just the strange sounds they made when connecting, but the AT commands that were used to control them. While the AT command set is still in use (notably for GSM networks), it is generally hidden these days. But some security researchers have found that Android phones often make AT commands available via their USB ports, which is something that can potentially be exploited by rogue USB devices of various sorts.

A paper [PDF] that was written by a long list of researchers (Dave (Jing) Tian, Grant Hernandez, Joseph I. Choi, Vanessa Frost, Christie Ruales, Patrick Traynor, Hayawardh Vijayakumar, Lee Harrison, Amir Rahmati, Michael Grace, and Kevin R. B. Butler) and presented at the 27th USENIX Security Symposium described the findings. A rather large number of Android firmware builds were scanned for the presence of AT commands and many were found to have them. That's not entirely surprising since the baseband processors used to communicate with the mobile network often use AT commands for configuration. But it turns out that Android vendors have also added their own custom AT commands that can have a variety of potentially harmful effects—making those available over USB is even more problematic.

They started by searching through 2018 separate Android binary images (it is not clear how that number came about, perhaps it is simply coincidental) from 11 different vendors. They extracted and decompressed the various pieces inside the images and then searched those files for AT command strings. That process led to a database of 3500 AT commands, which can be seen at the web site for ATtention Spanned—the name given to the vulnerabilities.

The Linux Security Module (LSM) subsystem allows security modules to hook into many low-level operations within the kernel; modules can use those hooks to examine each requested operation and decide whether it should be allowed to proceed or not. In theory, just about every low-level operation is covered by an LSM hook; in practice, there are some gaps. A discussion regarding one of those gaps — low-level ioctl() operations on XFS filesystems — has revealed a thorny problem and a significant difference of opinion on what the correct solution is.

In late September Tong Zhang pointed out that xfs_file_ioctl(), the 300-line function that dispatches the various ioctl() operations that can be performed on an XFS filesystem, was making a call to vfs_readlink() without first consulting the security_inode_readlink() LSM hook. As a result, a user with the privilege to invoke that operation (CAP_SYS_ADMIN) could read the value of a symbolic link within the filesystem, even if the security policy in place would otherwise forbid it. Zhang suggested that a call to the LSM hook should be added to address this problem.

Days after Nouveau DRM maintainer Ben Skeggs began staging changes for this open-source NVIDIA driver ahead of the next kernel cycle, this evening Ben Skeggs submitted the DRM-Next pull request to queue this work for the Linux 4.20/5.0 kernel cycle.

As covered in that previous article, there isn't a whole lot on the Nouveau kernel driver front at this time. Skeggs summed up these open-source NVIDIA driver changes as: "Just initial HDMI 2.0 support, and a bunch of other cleanups."

One of the most common tasks carried out by device drivers is setting up DMA operations for data transfers between main memory and the device. Often, data read into memory from one device will be immediately written, unchanged, to another device. Common examples include carrying the image between the camera and screen on a mobile phone, or downloading files to be saved on a disk. Those transfers have an impact on the CPU even if it does not use the data directly, due to higher memory use and effects like cache trashing. There are cases where it is possible to avoid usage of the system memory completely, though. A patch set (posted by Logan Gunthorpe with contributions by Christoph Hellwig and Steve Wise) has been in the works for some time that addresses this case for PCI devices using peer-to-peer (P2P) transfers, with a focus on offering an offload option for the NVMe fabrics target subsystem.

More in Tux Machines

Slax is a Nifty Linux Distribution That Works from USB

Slax is a portable Linux distribution that runs from USB, it aims to create a modular, modern and lightweight Linux distribution which can be carried anywhere in a USB stick. It’s also Debian-based, which allows you as a user to access tons of packages provided by Debian using the apt command.
Slax 9.6 was released last November. So we downloaded the latest release and tried it, our experience with it was great so far, see our review below for a detailed tour in Slax.

Sparky 5.6

There are new live/install iso images of SparkyLinux 5.6 “Nibiru” available to download. This it the 4th and the last this year iso image update of the rolling line, which is based on Debian testing “Buster”.

Overland, a stylish strategy game where every single step counts is due for a full release next year and it's looking good. It's been quite some time since we talked about it, as we previously highlighted way back in 2016. Since then, it's obviously had a lot of spit and polish.

Jupiter Hell is a roguelike I'm following with great excitement, it's serving a the spiritual successor to DRL (previously DoomRL, now called DRL since ZeniMax flexed their legal muscles) and it's looking good.
After a rather successful Kickstarter, where they managed to get over £70K in funding it's coming along rather nicely.

While Warhammer 40,000: Gladius is a pretty good strategy game, it did feel somewhat limited. Things are about to get hectic, prepare your defences for the Tyranids.
Tyranids will be released in the form of a DLC that will be available in January next year as a playable race. The developers say they will be "radically different" to play as due to their gameplay mechanics, although they haven't yet gone into detail on what exactly is different.

A developer from Bulwark Studios has detailed their plans to get Warhammer 40,000: Mechanicus onto Linux and it sounds good.
After releasing for Windows in November, they've pushed out a few patches to improve various aspects of the game. It seems like they've done well with it, since it's sat at a "Very Positive" user rating with over one thousand users giving their thoughts.
For the Linux release, they're going to put up an opt-in beta version "before the Christmas holiday" with an aim to release in full once the holiday period is over. See their post here on Steam for more info.

Inspired by a love for games like Harvest Moon, Verdant Skies from Howling Moon Software is what they're calling a 'life simulation game'. Along with a recent update to the game on Friday, December 14th they also added a Linux version of the game.

Frosty Fest is now live in Rocket League, giving you a chance to earn Snowflakes as you play online to redeem special winter-themed items.
As always, it's completely free. The in-game currency cannot be purchased and can only be earned simply by playing the game in online matches. It's just a fun little event for players to earn some fun customisation items.

The Long Dark, the survival game pitting you against the harsh environment and wildlife has a big free update out.
As they've been talking about for a while, this update is the overhauled versions of Episodes One and Two. With a third episode due at some unspecified time.

Solve a puzzle at the Linux command line with nudoku

Welcome back to another installment in our 24-day-long Linux command-line toys advent calendar. If this is your first visit to the series, you might be asking yourself what a command-line toy even is. We’re figuring that out as we go, but generally, it could be a game, or any simple diversion that helps you have fun at the terminal.
Some of you will have seen various selections from our calendar before, but we hope there’s at least one new thing for everyone.

Latest News

SUSE: Aris Winardi, New User Interface for Open Build Service and More

Aris Winardi giving a presentation at the openSUSE Asia Summit 2016 in Jakarta, Indonesia
Aris Winardi, from Bogor, West Java, Indonesia, wants to inspire the openSUSE Community and Members to get involved in the Elections process and make it the best one yet.
The goal is to encourage all from the Community who are Contributors to the Project to apply for and get their openSUSE Membership, which will give them the right to vote in the upcoming elections and also some extra recognition of the work they do to keep the Project alive.

The content of the following article has been contributed by the Open Build Service (OBS) Team at SUSE. It is based on the two blog posts “OBS Is Revamping Its User Interface, Help Us to Make It Awesome” and “Revamped User Interface for Project, User and Group Pages“, originally published at the OBS web site and licensed under a Creative Commons Attribution 4.0 International License.

Especially when we see large enterprises having their brand equity destroyed due to data breeches. But don`t be naïve, small companies might not get that kind of visibility but still, according to research, 60 percent of them who suffer a cyber breech are out of business in 6 months.

Review: Rolling in the Void

Void is an independently-developed, rolling-release Linux distribution with a number of interesting characteristics, such as its own package management system (called XBPS), a custom init system (runit), integration of LibreSSL instead of OpenSSL in the base operating system, and support for several popular ARM-based devices as well as x86 images. The operating system is available in several editions, including Cinnamon, Enlightenment, LXDE, LXQt, MATE and Xfce. New Void users will also be able to choose whether to run the distribution with the GNU C Library or musl libc library. I opted to download the Xfce edition running on the GNU C Library for 64-bit machines; the ISO was 693MB in size.
Booting from the Void media brought up the Xfce 4.12 desktop environment. The desktop is presented with a panel at the top of the screen which holds the application menu and system tray. At the bottom of the display is a dock where we can quick-launch applications. The desktop has a few icons for launching the Thunar file manager. If Void detects any disk partitions these will also be listed on the desktop for easy access. The theme is mostly grey and relatively plain.